Privacy and security news, 2/28/2021
Updated: Mar 5, 2021
Security
Solarwinds continues to make news: The SolarWinds Body Count Now Includes NASA and the FAA They’re also identifying scapegoats SolarWinds Officials Throw Intern Under the Bus for ‘solarwinds123’ Password Fail with Microsoft: We've open-sourced this tool we used to hunt for code by SolarWinds hackers so we’ll even find more victims!
As is to be expected when growth is more important than security Clubhouse’s security and privacy lag behind its explosive growth and as also expected Clubhouse vows to fix its platform after tool enabled audio chat leaks In an interesting discussion Clubhouse illuminates the stark cultural divide between journalists and tech people
And here’s another expected event: Twitter’s new hacking label has already been hacked
Not content to just use their skills themselves, Cybercrime groups are selling their hacking skills. Some countries are buying
And here’s what we get when attack is more important than defense: Chinese Hackers Reportedly Wielded a Stolen NSA Cyber Weapon for Years
The never-ending news about attack method advances
FireEye links 0-day attacks on FTA servers & extortion campaign to FIN11 group
Go malware is now common, having been adopted by both APTs and e-crime groups
Phishing: Cyber criminals are using macros to access your systems
More than 6,700 VMware servers exposed online and vulnerable to major new bug
It’s good to hear that Apple Takes Action Against Silver Sparrow Malware Discovered on 30K Infected Macs but isn’t it a bit late?
Surveillance
In this space too, privacy invading technology appears to advance faster than privacy preserving technology. The latter is just not as profitable!
Facebook's Making a Good Case Why You Should Never Wear Its Smart Glasses
Chinese cyberspies targeted Tibetans with a malicious Firefox add-on
In good news, Mozilla beefs up anti-cross-site tracking in Firefox, as Chrome still lags on privacy
It appears that security and privacy don’t always go together: Security researcher recommends against LastPass after detailing 7 trackers
As privacy violations become more apparent, their penalties are going up! TikTok will pay $92 million to settle class-action data harvesting lawsuit and Judge approves $650 million Facebook privacy settlement over facial recognition feature and that applies just to users in Illinois!
Regulation
As we’ve seen above The Best Law You’ve Never Heard Of is starting to have effect! It’s not all or nothing as One State Managed to Actually Write Rules on Facial Recognition
In major steps, Federal judge rules that California can enforce its net neutrality law as
The House’s has three big ideas to take on tech power